6efccf47f84e801a2208770407d10e75bf2d20ed23e3b3f96387290c27b20f84

General

Target

6efccf47f84e801a2208770407d10e75bf2d20ed23e3b3f96387290c27b20f84
Size

4.7MB
MD5

55e064722e928547d80fee36e8307f48
SHA1

a2ebab5b4a63f871d48bc10410c64a0f6e4acd88
SHA256

6efccf47f84e801a2208770407d10e75bf2d20ed23e3b3f96387290c27b20f84
SHA512

5543ee9ccfa96fe70f6b7f9370fe28df90a3a203785cc743cc72bc7825119e9c5af0aa3f204ac381f83d5c0ce1da6b035e4ce14a57ad2d6082ef727c6ad01973
SSDEEP

98304:DRFKMjBlKLIa+PWtp+0k2TY2hTUYxSH/2yv5aiUr4Dm9LwkbZh:jjLJPeA72T9+0G/2yc34Dme4h

Score

6^/10

Malware Config

Signatures

Declares services with permission to bind to the system 2 IoCs

Processes:

description	ioc
Required by notification listener services to bind with the system. Allows apps to listen to and interact with notifications on the device.	android.permission.BIND_NOTIFICATION_LISTENER_SERVICE
Required by accessibility services to bind with the system. Allows apps to access accessibility features.	android.permission.BIND_ACCESSIBILITY_SERVICE

Requests dangerous framework permissions 6 IoCs

Processes:

description	ioc
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an application to send SMS messages.	android.permission.SEND_SMS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to read SMS messages.	android.permission.READ_SMS

Files

6efccf47f84e801a2208770407d10e75bf2d20ed23e3b3f96387290c27b20f84
.apk android

com.qiyi.video

com.qiyi.video.p407b2628

Activities

com.qiyi.video.p0cb0aae8

android.intent.action.MAIN

com.qiyi.video.p407b2628

android.intent.action.MAIN

com.qiyi.video.pd0a77d7f

android.intent.action.SENDTO
android.intent.action.SEND

Permissions

android.permission.CALL_PHONE
android.permission.SEND_SMS
android.permission.READ_PHONE_STATE
android.permission.ACCESS_NETWORK_STATE
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.VIBRATE
android.permission.READ_CONTACTS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.INTERNET
android.permission.FOREGROUND_SERVICE
android.permission.READ_SMS
android.permission.QUERY_ALL_PACKAGES
android.permission.WAKE_LOCK
android.permission.REQUEST_DELETE_PACKAGES

Receivers

com.qiyi.video.p49060a87

android.provider.Telephony.SMS_DELIVER

com.qiyi.video.p5e3a14da

android.provider.Telephony.WAP_PUSH_DELIVER

Services

com.qiyi.video.pff03a26d

android.service.notification.NotificationListenerService

com.qiyi.video.pc2630c03

android.intent.action.RESPOND_VIA_MESSAGE

com.qiyi.video.p0b42ebee

android.accessibilityservice.AccessibilityService

Android Permissions

6efccf47f84e801a2208770407d10e75bf2d20ed23e3b3f96387290c27b20f84

Permissions

android.permission.CALL_PHONE

android.permission.SEND_SMS

android.permission.READ_PHONE_STATE

android.permission.ACCESS_NETWORK_STATE

android.permission.WRITE_SMS

android.permission.RECEIVE_SMS

android.permission.VIBRATE

android.permission.READ_CONTACTS

android.permission.KILL_BACKGROUND_PROCESSES

android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS

android.permission.INTERNET

android.permission.FOREGROUND_SERVICE

android.permission.READ_SMS

android.permission.QUERY_ALL_PACKAGES

android.permission.WAKE_LOCK

android.permission.REQUEST_DELETE_PACKAGES

Sharing

General

Malware Config

Signatures

Files

com.qiyi.video

com.qiyi.video.p407b2628

Activities

com.qiyi.video.p0cb0aae8

com.qiyi.video.p407b2628

com.qiyi.video.pd0a77d7f

Permissions

Receivers

com.qiyi.video.p49060a87

com.qiyi.video.p5e3a14da

Services

com.qiyi.video.pff03a26d

com.qiyi.video.pc2630c03

com.qiyi.video.p0b42ebee

Android Permissions

6efccf47f84e801a2208770407d10e75bf2d20ed23e3b3f96387290c27b20f84